CVE-2023-27997

CVE Database · CVE-2023-27997

CVE-2023-27997

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

85.69%

Published

Jun 13, 2023

Modified

Oct 24, 2025

CISA Known Exploited Vulnerability

Added: 2023-06-13 · Due: 2023-07-04

Apply updates per vendor instructions.

Public PoC / Exploit (9)

All weaponized →

TrickestTrickest PoC index GitHub PoCBishopFox/CVE-2023-27997-check★134 GitHub PoClexfo/xortigate-cve-2023-27997★63 GitHub PoCrio128128/CVE-2023-27997-POC★27 GitHub PoCdelsploit/CVE-2023-27997★9 GitHub PoCTechinsightsPro/ShodanFortiOS★2 GitHub PoCimbas007/CVE-2023-27997-Check★1 GitHub PoCpuckiestyle/cve-2023-27997★0 GitHub PoCCyb3rEnthusiast/CVE-2023-27997★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-122CWE-787

Affected Products (25)

fortinet · fortiproxyvulnerable

fortinet · fortiosvulnerable

References (3)

https://fortiguard.com/psirt/FG-IR-23-097

Vendor Advisory

https://fortiguard.com/psirt/FG-IR-23-097

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27997

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs